General
Target: 34a5fcc5e5d4d4f96c8352bbf9f0a2947a9a321b7156740eff4fbfa9277b5c31N
Size: 696KB
Sample: 241110-bwvnsawfqj
MD5: ccfc0b8fcfc903b655dc0211e1aed880
SHA1: 4179686b6f38115bdb4a7a70b06d75bb16bafef3
SHA256: 34a5fcc5e5d4d4f96c8352bbf9f0a2947a9a321b7156740eff4fbfa9277b5c31
SHA512: d5e69961150e81e64a6aa4733465f7627df1571afcde21037ad5278499a395a702f3d183279c283bb10a11ae031a7ea14e34510631370dcdf238615242f1d576
SSDEEP: 12288:Oy90PKKexzrE1IjmQ/zwf6ZPP3mWBhdFD2iUm7I5FI8BjmUPsot8Pxb:OysleRrEEmgEU3mWvdNF5mLNbBt8h

Static task: static1
Behavioral task: behavioral1
Sample: 34a5fcc5e5d4d4f96c8352bbf9f0a2947a9a321b7156740eff4fbfa9277b5c31N.exe
Resource: win10v2004-20241007-en
Malware Config
Targets
Target: 34a5fcc5e5d4d4f96c8352bbf9f0a2947a9a321b7156740eff4fbfa9277b5c31N
Size: 696KB
MD5: ccfc0b8fcfc903b655dc0211e1aed880
SHA1: 4179686b6f38115bdb4a7a70b06d75bb16bafef3
SHA256: 34a5fcc5e5d4d4f96c8352bbf9f0a2947a9a321b7156740eff4fbfa9277b5c31
SHA512: d5e69961150e81e64a6aa4733465f7627df1571afcde21037ad5278499a395a702f3d183279c283bb10a11ae031a7ea14e34510631370dcdf238615242f1d576
SSDEEP: 12288:Oy90PKKexzrE1IjmQ/zwf6ZPP3mWBhdFD2iUm7I5FI8BjmUPsot8Pxb:OysleRrEEmgEU3mWvdNF5mLNbBt8h
Signatures
- Detects Healer, an antivirus disabler dropper
- Healer family
- RedLine
  RedLine Stealer is a malware family written in C#, first appearing in early 2020.
- RedLine payload
- Redline family
- Executes dropped EXE
- Adds Run key to start application
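As an added example (not part of the sandbox report and not the sandbox's own rule code), the Python below shows how the two behavioral signatures above, "Executes dropped EXE" and "Adds Run key to start application", can be derived from a stream of process, file and registry events, and how the Run-key hit is escalated when the value points at a file the sample itself dropped. The event records are constructed Sysmon-style tuples, not telemetry captured from this sample; the paths, the value name `svc` and the tuple layout are assumptions.

```python
"""Derive the report's two behavioral signatures from event telemetry.

Added example: the events below are constructed, not captured from the
sample in this report. Tuple layout (kind, process_image, detail) is an
assumption standing in for Sysmon EventID 1 / 11 / 13 records.
"""
import re

# Any write under HKLM/HKCU ...\CurrentVersion\Run or \RunOnce is autostart
# persistence (ATT&CK T1547.001, the technique listed in the report).
RUN_KEY_RE = re.compile(r"\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.I)

# Directories an unprivileged process can write to; a Run value pointing here
# is far more suspicious than one pointing into Program Files.
USER_WRITABLE_DIRS = ("\\users\\", "\\programdata\\", "\\temp\\")

ESCALATED_TAG = (
    "Adds Run key to start application "
    "(value points to dropped or user-writable path)"
)

# Constructed events, in the order the sandbox would observe them.
SAMPLE_EVENTS = [
    ("ProcessCreate", "C:\\Users\\user\\Desktop\\sample.exe", "parent=explorer.exe"),
    ("FileCreate", "C:\\Users\\user\\Desktop\\sample.exe",
     "C:\\Users\\user\\AppData\\Local\\Temp\\healer.exe"),
    ("ProcessCreate", "C:\\Users\\user\\AppData\\Local\\Temp\\healer.exe",
     "parent=sample.exe"),
    ("RegistrySet", "C:\\Users\\user\\Desktop\\sample.exe",
     "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run\\svc="
     "C:\\Users\\user\\AppData\\Local\\Temp\\healer.exe"),
    # Benign registry write under CurrentVersion but outside Run: must not fire.
    ("RegistrySet", "C:\\Windows\\explorer.exe",
     "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Advanced\\Hidden=1"),
]


def triage(events):
    """Return a list of (signature, subject) findings for an event stream.

    Events are processed in order so that a later ProcessCreate can be
    matched against files dropped earlier in the same run.
    """
    dropped = set()   # lowercase paths of .exe files written during the run
    findings = []
    for kind, proc, detail in events:
        if kind == "FileCreate" and detail.lower().endswith(".exe"):
            dropped.add(detail.lower())
        elif kind == "ProcessCreate" and proc.lower() in dropped:
            # The image being started was created by this run: dropped EXE.
            findings.append(("Executes dropped EXE", proc))
        elif kind == "RegistrySet" and RUN_KEY_RE.search(detail):
            key, _, value = detail.partition("=")
            v = value.lower()
            if v in dropped or any(d in v for d in USER_WRITABLE_DIRS):
                findings.append((ESCALATED_TAG, key))
            else:
                findings.append(("Adds Run key to start application", key))
    return findings


if __name__ == "__main__":
    for sig, subject in triage(SAMPLE_EVENTS):
        print(f"{sig}: {subject}")
```

The ordering matters: the Run-key check only knows the value is a dropped file because the FileCreate event was seen first, which is why the sandbox reports both signatures together rather than as independent string matches.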
MITRE ATT&CK Enterprise v15
Persistence
- Boot or Logon Autostart Execution (T1547), 1 hit: Registry Run Keys / Startup Folder (T1547.001), 1 hit
- Create or Modify System Process (T1543), 1 hit: Windows Service (T1543.003), 1 hit